<%@ page language="java" contentType="text/html; charset=UTF-8"
	pageEncoding="UTF-8"%>
<%@ taglib prefix="shiro" uri="http://shiro.apache.org/tags"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
	<h3>登录成功页面</h3>
	<shiro:hasRole name="ROLE_ADMIN">
		<p>这是管理员才能看到的消息...</p>
	</shiro:hasRole>
	${user.username },欢迎您。
	<a href="<%=request.getContextPath() %>/logout.do">注销</a>
	<hr />
	<h3>添加用户的权限</h3>
	<form action="<%=request.getContextPath()%>/user/add.do">
		username:<input type="text" name="username" /><br /> password:<input
			type="password" name="password" /><br /> <input type="submit" />
	</form>
	<hr />
	<h3>查看用户权限</h3>
	<shiro:hasPermission name="user:view">
		<a href="<%=request.getContextPath()%>/user/view.do">查看用户</a>
	</shiro:hasPermission>
	<hr/>
	<h3>shiro 注解权限拦截测试</h3>
	<a href="<%=request.getContextPath()%>/func/admin.do">管理员角色拦截</a>
	<a href="<%=request.getContextPath()%>/func/method.do">user:view权限拦截</a>
	<a href="<%=request.getContextPath()%>/func/delete.do">user:delete权限拦截</a>
</body>
</html>